feat(settings): Add MFA guard to 2FA setup from settings #19432

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merged

vpomerleau merged 1 commit into main from FXA-12229

Oct 3, 2025

Contributor

vpomerleau commented Sep 10, 2025 •

edited

Loading

NOTE: This PR contains 2 commits, only 00ada1d is part of the review scope here.

Because

We want to guard the totp creation endpoints and flow

This pull request

Add MFA guard to 2FA setup from settings
Add MFA version of POST /recoveryCodes, /recovery_phone/confirm, /recovery_phone/change
Add Swagger docs for recovery phone routes
Use MFA authenticated endpoints added in feat(mfa): Add MFA endpoints for TOTP setup #19473
Update functional tests

Issue that this pull request solves

Closes: FXA-12229

Checklist

Put an x in the boxes that apply

My commit is GPG signed.
If applicable, I have modified or added tests which pass locally.
I have added necessary documentation (if appropriate).
I have verified that my changes render correctly in RTL (if appropriate).

Screenshots (Optional)

Please attach the screenshots of the changes made in case of change in user interface.

Other information (Optional)

vpomerleau force-pushed the FXA-12229 branch 2 times, most recently from 7656f1c to 00ada1d Compare

September 18, 2025 03:02

vpomerleau changed the title ~~WIP feat(auth, settings): Add MFA guard to 2FA setup from settings~~ feat(settings): Add MFA guard to 2FA setup from settings

vpomerleau marked this pull request as ready for review

September 18, 2025 03:21

vpomerleau requested a review from a team as a code owner

September 18, 2025 03:21

dschom self-requested a review

September 18, 2025 17:36

dschom reviewed

View reviewed changes

packages/fxa-auth-client/lib/client.ts Show resolved Hide resolved

dschom reviewed

View reviewed changes

packages/fxa-auth-client/lib/client.ts Outdated Show resolved Hide resolved

dschom reviewed

View reviewed changes

packages/fxa-auth-server/docs/swagger/totp-api.ts Show resolved Hide resolved

dschom reviewed

View reviewed changes

packages/fxa-auth-server/lib/routes/totp.js Outdated Show resolved Hide resolved

dschom reviewed

View reviewed changes

packages/fxa-auth-server/test/local/routes/totp.js Show resolved Hide resolved

dschom reviewed

View reviewed changes

packages/fxa-auth-server/test/local/routes/totp.js Outdated Show resolved Hide resolved

dschom reviewed

View reviewed changes

packages/fxa-auth-server/test/local/routes/totp.js Show resolved Hide resolved

dschom reviewed

View reviewed changes

packages/fxa-settings/src/models/Account.ts Outdated Show resolved Hide resolved

dschom reviewed

View reviewed changes

packages/fxa-settings/src/models/Account.ts Show resolved Hide resolved

dschom reviewed

View reviewed changes

packages/fxa-settings/src/components/Settings/UnitRowTwoStepAuth/index.tsx Outdated Show resolved Hide resolved

dschom reviewed

View reviewed changes

packages/fxa-settings/src/components/Settings/index.tsx Outdated Show resolved Hide resolved

dschom reviewed

View reviewed changes

packages/fxa-settings/src/components/Settings/index.test.tsx Show resolved Hide resolved

dschom reviewed

View reviewed changes

packages/fxa-settings/src/components/Settings/index.test.tsx Outdated Show resolved Hide resolved

dschom reviewed

View reviewed changes

packages/fxa-settings/src/pages/InlineRecoverySetupFlow/container.tsx Outdated Show resolved Hide resolved

dschom reviewed

View reviewed changes

packages/fxa-settings/src/pages/InlineRecoverySetupFlow/interfaces.ts Show resolved Hide resolved

dschom reviewed

View reviewed changes

Contributor

dschom left a comment

Just a drive by with coments. I'll do a little manual testing, but the changes look great. Thanks for extra clean up, btw!

vpomerleau mentioned this pull request

feat(mfa): Add MFA endpoints for TOTP setup #19473

Merged

4 tasks

vpomerleau force-pushed the FXA-12229 branch 5 times, most recently from 83e818b to e4d55c0 Compare

September 26, 2025 21:54


          feat(auth, settings): Add MFA guard to 2FA setup from settings

1e43b2b

Because:

* We want to guard the totp creation endpoints and flow

This commit:

* Add MFA authentication variants of the 2FA setup endpoints (existing endpoints conserved for inline flow)
* Add MFA guard to 2FA setup from settings

Closes #FXA-12229

vpomerleau force-pushed the FXA-12229 branch from e4d55c0 to 1e43b2b Compare

October 1, 2025 20:07

dschom approved these changes

View reviewed changes

Contributor

dschom left a comment

Just did some manual testing, and it looks good to me! Thanks for these changes.

vpomerleau merged commit 4151fab into main

19 checks passed

vpomerleau deleted the FXA-12229 branch

October 3, 2025 19:42

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet